fbpx

Main Navigation

Advertisement
Social Connect
Resources
Our Brand Family
Motorcycle & Powersports News
Motorcycle and powersports content for dealers, professionals and enthusiasts
Business Management

Protect Your Dealership From Growing Cyber Liabilities

Data breaches and other malicious activities aren’t going away, but keeping your team prepared for the latest exposures can help lower your business’s risks.

Dan Zastava
By Dan Zastava

Data breaches. You’ve heard about them in the news and on social media by now. But with the growing complexity of cyber-attacks, do you know if your motorsports dealership is prepared for the full range of risks it could face?

Related Articles

According to the 2020 Cost of Data Breach Report released by IBM, the average total cost of a business data breach is $3.86 million. Even worse, lost business costs account for nearly 40% of that total due to increased customer turnover, lost revenue associated with system downtime and added costs to acquire new business due to a diminished reputation. In short, just one data breach could have detrimental—and lasting—impacts on your dealership.

Below are risks and tips we’ve helped other motorsports dealers with at Sentry. My hope is that you discover at least one new idea to take back to your dealership so that your team can focus on delivering motorsports to customers, with confidence that your data is secure.

Ransomware

Ransomware is malicious software that restricts access to files on an infected machine—usually by encrypting them. An attacker then demands a ransom payment in exchange for restoring access to the files by providing the key to decrypt the data. While ransomware is unpredictable, there are several steps you can take to reduce your dealership’s risks:

  • Ensure that your anti-virus software is up to date
  • Apply vulnerability patches as soon as you’re able and enable automated patches for your operating system, software, firmware, and web browsers.
  • Consider network segmentation.
  • Implement and test a data backup and recovery plan to maintain copies of your sensitive data in a separate and secure location, preferably offline or with a trusted cloud solution.
  • Establish firewall settings that prevent access to known malicious IP addresses.
  • Make sure that backup copies of sensitive data aren’t readily accessible from local networks.
  • Train your employees on how to avoid phishing attempts. Test them frequently to maintain awareness.
  • Enable strong identity and access-management programs with established principles of least privilege, or “need to know.”

If your dealership faces the unfortunate event of a ransomware infection, there are several ways you can respond. First, disconnect any infected machines from your network and contact both law enforcement and your insurance provider immediately.

Next, evaluate the extent of the infection, identify the ransomware type, and determine whether the infected machine was connected to shared or unshared network drives, external hard drives, USBs or cloud-based storage. You’ll also want to check for any registries or file listings created by the ransomware.

Finally, clean the ransomware from your systems, reinstall the operating system, and restore it from a reliable backup. A well-organized backup plan is one of the best countermeasures your dealership can take against ransomware.

Fraudulent impersonation

Another rising issue many motorsports dealers face is fraudulent impersonation. This can happen when a vendor of your dealership, who appears to be legitimate, asks your business to modify wireless payment instructions such as a different bank and routing number. If the request is completed by a member of your team, the hacker who impersonated your business’s vendor would then be the recipient of those funds, sometimes in the tens or hundreds of thousands of dollars, which may be unrecoverable in some instances.

This specific cyberattack has been an increasing trend during 2020, however you can reduce the likelihood and risk of these incidents by requiring a multi-step confirmation process. Before altering payment instructions, confirm the transaction through a known telephone number of your vendor—not the one listed in the email. If everything checks out, require dual signoffs to confirm each request is reviewed thoroughly. As with any significant change, two sets of eyes are better than one. If an impersonating attacker does access your dealership’s finances, insurance coverage may be available depending on your carrier.

The importance of device encryption

As a parting piece of advice, don’t underestimate the value of encrypting your email, devices, and disks. Unencrypted technology not only may allow an attacker to intercept and read your messages in plain text, but you won’t know how many places the data is stored, or even if it was intercepted.

Your encryption plan will mostly depend on your dealership’s size, budget, and technical needs, however the following checklist should help you get started:

  • Identify your sensitive data: Determine which data in your organization needs encrypting.
  • Determine your budget: Encryption products range from free open-source tools to paid solutions designed for large organizations.
  • Find a solution: Choose an encryption software that implements the Advanced Encryption Standard (AES) algorithm—the industry standard specified by the National Institute of Standards and Technology. All three AES standard key lengths provide robust, industry-standard encryption.
  • Configure email software: Set up your software to encrypt messages automatically. This way, employees won’t forget or skip encryption.
  • Encourage others: Work with external parties to set up compatible email encryption systems so you can send each other secure messages easily.
  • Enforce a password policy: Consider using long passwords—not just the 4-digit PINs or geometric patterns that are often the default on smartphones.
  • Train your employees: Teach them how encryption works, why it’s a critical component of your cybersecurity policy,

Data breaches and other malicious activities aren’t going away, but keeping your team prepared for the latest exposures can help lower your business’s risks. With the new year quickly approaching, consider reviewing your dealerships coverages to make sure you’re properly protected from a costly data breach. While this isn’t a comprehensive list, I hope it can serve as a starting point for your business.

For more information and recommendations, speak with your local experts, insurer or business’s attorney to make sure you’re covered.

Dan Zastava is the director of corporate underwriting and product development for Sentry Insurance a Mutual Company, which is headquartered in Stevens Point, Wisconsin. Visit sentry.com to learn about the insurance, retirement products and risk management solutions Sentry provides to motorsports dealers.

You May Also Like

motorcycle, rain, rain suit, rider
AIMExpo 2023
UTVs, side-by-sides, SSVs
UTVs, Side-by-sides
Sales and Service

Audio Systems for Motorcycles and Powersports

Considerations for choosing the right sound.

Avatar
By Brian Sexton
audio system

We’ve all grown accustomed to listening to music or some form of audio while we’re behind the wheel. So, it stands to reason that many riders may want to find a way to listen to music while they’re riding their motorcycle or powersports machine. This applies to nearly all forms of powersports: personal watercraft, ATVs, side-by-sides and motorcycles. All of these machines can potentially have some form of audio system installed from the factory or customized in the aftermarket.

Read Full Article

More Business Management Posts
Destination Dealership: Southland Powersports

At the intersection of work and play.

By Evan Laux
Southland Powersports
Dos and Don’ts for AIMExpo 2023

Tradeshows are something I try to maximize. Here are some dos and don’ts for AIMExpo.

By Jessica Shine
AIMExpo
The Future of Motorcycling: ICE vs. EV

But does it really have to be a battle between these two types?

By Meagan Kusek
ICE engine, EV, internal combustion, electric vehicle, charter, gas pump, motorcycle
V-Twin and Cruiser Trends

Which parts of a bike are riders most likely to customize?

By MPN Staff Writers
cruiser, motorcycle, V-twin

Other Posts

FIN GPS Recovers 2022 Kawasaki Ninja ZX-6R

The owner received a motion alert when he was at work late at night.

By MPN Staff Writers
FIN GPS
Protective Asset Protection’s Lifetime Battery Protection Program

The program is available in all states except Florida and Washington.

By MPN Staff Writers
Protective Assest Protection logo
FIN GPS Recovers 2023 KAWASAKI Ninja ZX-6R Motorcycle

The owner was at work when he received information that his motorcycle was on the move.

By MPN Staff Writers
FIN GPS, Kawasaki Ninja
Destination Dealership: Savannah Motorsports

Savannah Motorsports describes itself as a “small, hometown dealership,” but customers are willing to travel the extra miles from all over the Southeast thanks to the dealership’s can-do, friendly attitude.

By Margie Siegal